Date: Sat, 6 Mar 2004 14:26:51 +0000
From: chungwei Hsiung
To: freebsd-hackers@freebsd.org
Message-Id: <20040306142651.314430be@bear.bflony.adelphia.net>
In-Reply-To: <20040305233209.GO67801@wantadilla.lemis.com>
References: <4048CA38.6040203@yahoo.com> <20040305233209.GO67801@wantadilla.lemis.com>
Subject: Re: Strange instructions in compiler output (was: A simple question)

Hello everyone,

Thanks for everyone's previous help. I actually have a further question. I read an article that says if I compile the following program

    #include <unistd.h>    /* declares execve() and defines NULL */

    int main(){
        char *name[2];
        name[0] = "/bin/sh";
        name[1] = NULL;
        execve(name[0], name, NULL);
        return 0;
    }

by

    gcc -o shellcode -ggdb -static shellcode.c

when I "disassemble execve" inside gdb, I should be able to see the assembly code for execve, but I can't see that code for execve().
Does anyone know how I can get the assembly code and see how execve() works? BTW, I am using gcc 3.2.2. Any help is really appreciated.

Best regards,
Chungwei

On Sat, 6 Mar 2004 10:02:09 +1030
Greg 'groggy' Lehey wrote:

> On Friday, 5 March 2004 at 13:43:04 -0500, Chungwei Hsiung wrote:
> > Hello..
> > I am super new to this list, and I have a simple question that I don't
> > know why it does that. I have a simple test program. I compile it, and
> > gdb to disassemble main. I got the following..
> >
> > 0x80481f8 : push %ebp
> > 0x80481f9 : mov %esp,%ebp
> > 0x80481fb : sub $0x8,%esp
> > 0x80481fe : and $0xfffffff0,%esp
> > 0x8048201 : mov $0x0,%eax
> > 0x8048206 : sub %eax,%esp
> > 0x8048208 : movl $0x804a6ce,0xfffffff8(%ebp)
> > 0x804820f : movl $0x0,0xfffffffc(%ebp)
> > 0x8048216 : sub $0x4,%esp
> > 0x8048219 : push $0x0
> > 0x804821b : lea 0xfffffff8(%ebp),%eax
> > 0x804821e : push %eax
> > 0x804821f : pushl 0xfffffff8(%ebp)
> > 0x8048222 : call 0x804823c
> > 0x8048227 : add $0x10,%esp
> > 0x804822a : mov $0x0,%eax
> > 0x804822f : leave
> > 0x8048230 : ret
> >
> > I don't know if at line 5, we move zero to %eax. Why do we need to sub
> > %eax, %esp? Why do we need to subtract 0 from the stack pointer??
> > Any help is really appreciated.
>
> This is probably because you didn't optimize the output. You'd be
> surprised how many redundant instructions the compiler puts in under
> these circumstances. Try optimizing and see what the code looks like.
>
> If this *was* done with optimization, let's see the source code.
>
> Greg
> --
> Note: I discard all HTML mail unseen.
> Finger grog@FreeBSD.org for PGP public key.
> See complete headers for address and phone numbers.